package com.px.auth.controller;

import com.px.auth.config.ApiSecurityConfig;
import com.px.auth.model.AuthReq;
import com.px.common.core.RespCode;
import com.px.common.core.Response;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
import io.swagger.annotations.Authorization;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.security.Principal;

import static com.px.auth.config.ApiSecurityConfig.*;

@RequestMapping
@RestController
@Api(value = "认证管理", tags = {"认证管理"})
public class AuthController {
    @PostMapping(LOGIN_URL)
    @ApiOperation(value = "登录", notes = "游客使用")
    public Response login(@RequestBody AuthReq authReq){
        return Response.success(null);
    }

    @RequestMapping(LOGOUT_URL)
    @ApiOperation(value = "登出", authorizations = {@Authorization(value = "token")}, notes = "登录后使用")
    public Response logout(){
        return Response.success(null);
    }

    @RequestMapping(value = TOKEN_CHECK_URL)
    @ApiOperation(value = "token检查", authorizations = {@Authorization(value = "token")}, notes = "登录后使用")
    public Response tokenCheck(HttpServletRequest request, HttpServletResponse response, Principal principal){
        String pre = request.getHeader(ApiSecurityConfig.HEADER);
        String current = response.getHeader(ApiSecurityConfig.HEADER);
        if (pre.equals(current))
            return Response.success(null);
        else
            return Response.success(RespCode.TOKEN_UPDATED_SUCCESS, null);
    }

//    public Response tokenRefresh(){
//    }
}
